[Snort-sigs] Sourcefire VRT Certified Rules Update

Sourcefire VRT research at ...435...
Mon Apr 16 18:05:03 EDT 2007


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Sourcefire VRT Certified Rules Update

Synopsis:
The Sourcefire VRT is aware of vulnerabilities affecting hosts using
the Microsoft DNS Server Service. This release enhances the detection
capabilities for this vulnerability.


Details:
Microsoft Security Advisory (935964):
Microsoft DNS Server Service is prone to a vulnerability that may allow
a remote attacker to execute code on an affected system. This issue is
present in the RPC interface of servers using Microsoft's
implementation of DNS.

In order to detect attacks targeting this vulnerability, the DCE/RPC
preprocessor must be configured to use 'autodetect'. This is the
default behavior for the preprocessor.

This release provides updated detection for this vulnerability.


For a complete list of new and modified rules please see:

http://www.snort.org/vrt/docs/ruleset_changelogs/changes-2007-04-16.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFGI/MPoFlcG+k7cPwRAoj5AKDMqiaI2owSnl8vfmMrkfzITDhIegCfQXnT
wR6T/zJVKcHugJLDpH7/yNM=
=3GHG
-----END PGP SIGNATURE-----




More information about the Snort-sigs mailing list